Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/DuJl0NZTL621zDW2I_CY_tRxxiM.roa
File: DuJl0NZTL621zDW2I_CY_tRxxiM.roa (raw, json)
Hash identifier: 2nPbwSzPridhCt2flY27PgMORkVZnARyeAg5hJTuzMA=
Subject key identifier: 0E:E2:65:D0:D6:53:2F:AD:B5:CC:35:B6:23:F0:98:FE:D4:71:C6:23
Certificate issuer: /CN=bbfbee4a968df0fac4751b4f49027fa095c65277
Certificate serial: 018CCA9907BFAB3DAF9B7FCE16394F429426
Authority key identifier: BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/DuJl0NZTL621zDW2I_CY_tRxxiM.roa
Signing time: Tue 02 Jan 2024 14:34:35 +0000
ROA not before: Tue 02 Jan 2024 14:34:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49879
IP address blocks: 185.21.204.0/22 maxlen: 22
217.116.192.0/21 maxlen: 21
217.116.200.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:07:bf:ab:3d:af:9b:7f:ce:16:39:4f:42:94:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbfbee4a968df0fac4751b4f49027fa095c65277
Validity
Not Before: Jan 2 14:34:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ee265d0d6532fadb5cc35b623f098fed471c623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:68:e4:54:c2:50:92:24:5f:c9:4f:06:c8:61:
1c:4c:05:ac:26:c9:c7:45:54:ba:78:03:1b:8b:61:
8f:63:08:85:fe:30:3a:af:13:e3:a2:7a:67:fa:3b:
c5:3f:38:e6:0e:77:96:15:86:b8:96:c5:da:55:e4:
99:c0:88:a1:7e:8e:71:fc:43:62:ce:29:ab:81:4e:
6c:e7:72:e8:5d:45:0f:45:17:d4:b9:d5:39:a0:f4:
91:42:77:a4:a0:2f:72:44:42:dd:de:2c:ae:ff:2d:
23:b3:a0:42:1c:5d:bf:6d:3e:55:f9:f7:b3:54:b8:
1f:09:b6:4a:a8:f9:59:f9:bb:aa:3c:14:c6:80:5c:
21:0e:19:ad:a1:b2:95:a2:9c:4c:bc:8a:90:c8:32:
1a:96:77:bd:26:4b:9f:41:53:eb:9b:8c:55:58:1d:
9f:0a:95:8c:78:76:6b:16:17:0c:06:14:30:87:ae:
37:e1:be:20:1a:52:35:14:48:43:86:67:76:7a:c4:
34:9d:82:ae:23:bb:b5:1e:9d:0c:03:d2:82:16:2f:
ec:d1:5e:56:af:36:ce:c2:e8:e9:03:06:19:94:18:
ed:0d:88:57:ce:ac:08:68:9c:1d:c3:cd:29:07:8a:
26:ff:99:e9:e6:ea:20:5d:6a:72:e6:49:a3:96:f0:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:65:D0:D6:53:2F:AD:B5:CC:35:B6:23:F0:98:FE:D4:71:C6:23
X509v3 Authority Key Identifier:
keyid:BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/DuJl0NZTL621zDW2I_CY_tRxxiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.204.0/22
217.116.192.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:63:28:d4:90:e1:e3:de:43:15:da:93:25:41:cb:32:1a:52:
1e:6d:23:60:17:11:d8:8c:e9:3c:9b:73:df:7c:4f:76:60:de:
12:c8:8c:00:f9:06:ae:42:e0:6e:45:e4:78:b4:74:05:ae:96:
c6:2d:9e:87:77:87:68:3f:c4:82:1a:a5:1e:b8:d3:8a:f1:0c:
92:0c:c0:01:1c:aa:7a:f2:67:c3:2c:f7:90:a6:2a:74:6e:4d:
b5:94:91:22:16:f6:99:b9:db:2b:f1:34:15:3a:19:51:09:a0:
cc:1a:5b:ef:6a:9d:4b:83:24:84:ef:17:11:9a:ed:81:1a:c3:
37:5e:70:7c:a6:a8:4f:ee:13:3d:13:13:d0:ce:88:9a:5c:03:
42:2c:2a:2c:10:7b:17:89:0c:c6:be:9e:8a:89:35:26:d3:4d:
6d:88:18:36:f1:1b:65:50:61:7d:a8:89:70:4e:d5:19:bb:18:
c5:e4:93:77:c4:d0:50:29:c3:48:87:12:41:ad:09:ad:23:10:
82:e6:13:eb:63:30:16:86:90:6e:c5:b2:20:38:54:fc:38:b8:
70:a0:57:58:c7:64:4d:a2:97:f8:5c:80:5b:af:75:e1:50:ab:
bc:d2:16:d7:8d:63:ed:29:84:0c:65:b2:0b:d0:4e:38:75:5f:
32:e2:cf:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmQe/qz2vm3/OFjlPQpQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmJlZTRhOTY4ZGYwZmFjNDc1MWI0ZjQ5MDI3ZmEwOTVj
NjUyNzcwHhcNMjQwMTAyMTQzNDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUyNjVkMGQ2NTMyZmFkYjVjYzM1YjYyM2YwOThmZWQ0NzFjNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmjkVMJQkiRfyU8GyGEcTAWsJsnH
RVS6eAMbi2GPYwiF/jA6rxPjonpn+jvFPzjmDneWFYa4lsXaVeSZwIihfo5x/ENi
zimrgU5s53LoXUUPRRfUudU5oPSRQnekoC9yRELd3iyu/y0js6BCHF2/bT5V+fez
VLgfCbZKqPlZ+buqPBTGgFwhDhmtobKVopxMvIqQyDIalne9JkufQVPrm4xVWB2f
CpWMeHZrFhcMBhQwh6434b4gGlI1FEhDhmd2esQ0nYKuI7u1Hp0MA9KCFi/s0V5W
rzbOwujpAwYZlBjtDYhXzqwIaJwdw80pB4om/5np5uogXWpy5kmjlvCDvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA7iZdDWUy+ttcw1tiPwmP7UccYjMB8GA1UdIwQY
MBaAFLv77kqWjfD6xHUbT0kCf6CVxlJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAt
MGE4OWM2OTk2ZmVmLzEvRHVKbDBOWlRMNjIxekRXMklfQ1lfdFJ4eGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAtMGE4OWM2OTk2ZmVm
LzEvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRXMAwQE
2XTAMA0GCSqGSIb3DQEBCwUAA4IBAQBNYyjUkOHj3kMV2pMlQcsyGlIebSNgFxHY
jOk8m3PffE92YN4SyIwA+QauQuBuReR4tHQFrpbGLZ6Hd4doP8SCGqUeuNOK8QyS
DMABHKp68mfDLPeQpip0bk21lJEiFvaZudsr8TQVOhlRCaDMGlvvap1LgySE7xcR
mu2BGsM3XnB8pqhP7hM9ExPQzoiaXANCLCosEHsXiQzGvp6KiTUm001tiBg28Rtl
UGF9qIlwTtUZuxjF5JN3xNBQKcNIhxJBrQmtIxCC5hPrYzAWhpBuxbIgOFT8OLhw
oFdYx2RNopf4XIBbr3XhUKu80hbXjWPtKYQMZbIL0E44dV8y4s8p
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:22:59 2024 by rpki-client on console-ams.rpki-client.org